System and method for automatic data security, back-up and control for mobile devices

ABSTRACT

Systems and methods for providing security, monitoring, and control of mobile communications device activity including at least one mobile communication device with software operable thereon for receiving rules provided by an authorized user of the device(s) and in accordance with those rules administering actions to provide for controlling, monitoring, and security data stored or generated on the device(s), including logging data and activities related to the mobile communications device, blocking and filtering calls, messages, websites, emails, and combinations thereof, via wireless communication with a remote server computer having a corresponding software module operable thereon for managing and implementing the rules.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of U.S. application Ser. No. 14/840,603, filed Aug. 31, 2015, which is a continuation-in-part of U.S. application Ser. No. 14/322,997, filed Jul. 3, 2014, which is a continuation of U.S. application Ser. No. 13/287,523, filed Nov. 2, 2011, which is a continuation-in-part of U.S. application Ser. No. 12/287,868, filed on Oct. 14, 2008, each of which is incorporated herein by reference in their entirety.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates generally to data security, back-up, logging, monitoring and control for mobile communication devices. Further, the present invention relates to mobile communication devices and remote access and automatic control for data security, back-up, and logging based on rules defined for a device or user of the device by an authorized user and the systems, and methods relating thereto.

2. Description of the Prior Art

Generally, it is known in the relevant art to provide systems and methods for communication record logging, mobile web log related to device activity, and data back-up. Also, generally it is known in the relevant art to provide for security related to mobile devices, including portable computers and mobile communication devices and personal digital assistant (PDA) devices. By way of example, the following U.S. Patents and Publications are provided:

U.S. Pat. No. 7,069,003 for “Method and apparatus for automatically updating a mobile web log (blog) to reflect mobile terminal activity,” filed Oct. 6, 2003 by Lehikoinen, et al., describes a mobile terminal including a memory storing application software and data that is descriptive of the use of the mobile terminal, a display and controller that is responsive to the application software and to at least a sub-set of the stored data for visualizing on the display, in graphical form, the use of the mobile station over time.

U.S. Publication 2007/0111704 for “System and method for communication record logging,” filed Oct. 16, 2006 by Linkert, et al., discloses a method for maintaining a log of communications initiated or received at a portable electronic device, including short message service (SMS) messages, personal identification number (PIN) messages, and cellular telephone calls, wherein the method includes receiving a data record from each of the communications, extracting information from the data record, and storing information in a log file.

U.S. Publication 2007/0281664 for “Portable wireless terminal and its security system,” filed May 16, 2007 by Kaneko, et al., teaches a portable wireless terminal, like a cellular phone, and its security system for preventing by remote control improper use of the portable wireless terminal by a third party when it is lost or stolen, including data back-up to a remote center by remote control from the center via a wireless network, and including encryption, public-private key, and data fragmentation.

U.S. Publication 2007/0299631 for “Logging user actions within activity context,” filed Jun. 27, 2006 by Macbeth, et al., includes maintaining a log of user keystrokes, files accessed, files opened, files created, websites visited, communication events, for example phone calls, instant messaging, communications, etc.

U.S. Publication 2008/0233919 for “System and method for limiting mobile device functionality,” filed Feb. 9, 2005 by Kenney, discloses mechanisms for selectively disabling mobile device functionality to prevent unauthorized access to personal data stored on the mobile device, like bank account numbers, social security numbers, and credit card numbers. Thus there remains a need for systems and methods that provide for automatically controlling data security, back-up, logging, access and for providing remote access to the data back-up and mobile communication device operation, based upon user-defined rules for such automation, rather than merely providing security for the incidence of lost or stolen mobile communication devices.

SUMMARY OF THE INVENTION

A first aspect of the present invention includes methods for automatically providing control and security for mobile communication devices and data created, received, and/or stored thereon, including steps of logging data and activities related to the mobile communications device, blocking and filtering calls, voicemail, Short Message Service (SMS) messages, Multimedia Messaging Service (MMS) messages, Rich Communication Services (RCS) messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, photos, videos, Instant Messages, websites, emails, applications, social media, geographic location and combinations thereof, via wireless communication with a remote server computer having a corresponding software module operable thereon for managing and implementing rules that are initially selected or generated by authorized user(s) of the device(s). Different levels of access and rules authority are preferably provided for different users, such as a first user being a system administrator or parent having one level and a device user or child having a second, lower grade level that is subjected to limitations based on the first user, all for the same device.

A second aspect of the present invention is to provide a system having at least one mobile communication device with software operable thereon for receiving rules provided by an authorized user of the device(s) and in accordance with those rules administering actions to provide for controlling and securing data stored, received, or generated on the device(s), including logging data and activities related to the mobile communications device, blocking and filtering calls, voicemail, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, photos, videos, Instant Messages, websites, emails, geographic location, applications, social media applications such as Facebook, LinkedIn, Twitter and the like and combinations thereof, via wireless communication with a remote server computer having a corresponding software module operable thereon for managing and implementing the rules. The remote server computer will have a web-based software module that will be used to access the logs, records for device activities including applications and enable/disable device locking options.

None of the prior art references provide for authorized user-based rules selection, modification and remote management and implementation for mobile communications devices to include rules governing all aspects of data security and device security, such as data back-up, device operation and access to predetermined numbers, contacts, and/or websites or addresses, device receipt of calls, messages, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, photos, Instant Messages, social media applications such as Facebook, LinkedIn, Twitter and the like and websites from predetermined or all numbers, contacts, and/or websites or addresses for predetermined duration or dates/times, in addition to device locking and application control and management.

These and other aspects of the present invention will become apparent to those skilled in the art after a reading of the following description of the preferred embodiment when considered with the drawings, as they support the claimed invention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a schematic diagram illustrating one embodiment of the system according to the present invention.

FIG. 2 shows a flow diagram illustrating steps involved with methods of the present invention.

DETAILED DESCRIPTION

Referring now to the drawings in general, the illustrations are for the purpose of describing a preferred embodiment of the invention and are not intended to limit the invention thereto.

The present invention provides for a system having at least one mobile communication device with software operable thereon for receiving rules provided by an authorized user of the device(s) and in accordance with those rules administering actions to provide for controlling and security data stored, received or generated on the device(s), including logging data and activities related to the mobile communications device, blocking and filtering calls, voicemail, messages, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, photos, videos, Instant Messages, applications, social media applications such as Facebook, LinkedIn, Twitter and the like, websites, emails, and combinations thereof, via wireless communication with a remote server computer having a corresponding software module operable thereon for managing and implementing the rules. Accordingly, FIG. 1 illustrates a schematic diagram illustrating one embodiment of the system according to the present invention, including a remote server computer (RSC), wireless network communication signals, an interface protocol to connect mobile device to RSC, such as REST based web service, and at least one mobile device in communication with the RSC, data stored in memory on the device(s) and having back-up and user-specific configuration data stored in memory at the RSC. One of ordinary skill will understand and appreciate that other computer components including processors, input/output devices and displays with graphical user interface operability are included in the system for providing user inputs and for reviewing status indication of the rules and status of implementation on device(s) via remote access or direct access to the server through a network via the target device or other non-target devices not governed by the rules.

Additionally, the present invention provides methods for providing automatic control and security for mobile communication devices and data created, received, and/or stored thereon based upon rules selected by an authorized user of the device, including steps of providing software operable on the device for logging data and activities related to the mobile communications device, blocking and filtering communication, including data and voice conversations in real-time and voicemail left on the carrier network, calls, messages, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, photos, videos, Instant Messages, social media applications such as Facebook, LinkedIn, Twitter and the like, websites, emails, and combinations thereof, via wireless communication with a remote server computer and system as set forth hereinabove. FIG. 2 shows a flow diagram illustrating steps involved with methods of the present invention, providing the software program module operable on the mobile communication device, and steps associated with associating an authorized user(s) with the device as set forth hereinbelow, the software program module operating with the following steps: being activated upon installation or download and operating substantially continuously for polling and/or communication with a remote server computer, downloading rules from the server including initial rules and rules updates as available, administering the rules for controlling the device operation, uploading data to the server, wherein the data includes activity log, activity data, duration, frequency, content, etc., storing select data on the device, storing select data only when the device is offline, and combinations thereof. The present invention further provides for forwarding the data in a customizable format, making it readable and searchable to a third-party vendor or to a customer's server on premises. Thus, the device software and the RSC provides for all SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, Instant Messages, chat, photos, applications, geographic locations, social media applications such as Facebook, LinkedIn, Twitter and the like, voice conversations and voicemail to be captured, logged, archived and made searchable by the customer via the graphical user interface or sent to a third-party provider or to customers premise.

Preferably, the steps include an authorized user associated with at least one mobile communication device or an administrator establishing rules governing the operation of the functions of the system for providing data and device security and remote access to same by the authorized user. The rules may be selected from predetermined options or generated uniquely by the user and input to the system by the authorized user following an authentication and/or authorization step. The device-operable software functions to provide the steps according to those rules, including but not limited to logging and storing data input and/or generated on the mobile communication device, blocking and/or filtering phone calls, messages, and/or websites, archiving data and tagging it for retrieval and optional searchability, auditing and reporting and locking the device from predetermined selected or all activity for a duration or programmed date(s) and corresponding time(s).

In preferred embodiments of the present invention, the rules for all functionality of the software and corresponding device security and data security and all associated activities are defined by the authorized user(s) of the device or the device owner or administrator. In the case of corporate or business mobile communications, the device authorized user may have a first predetermined level of rules options for selection and implementation, and a system administrator or supervisor may have a second predetermined level of rules options that provide for overriding and/or limiting selections of the actual device user. Similarly, in the case of minor children, a child device authorized user may have a first predetermined level of rules options and the parent(s) may have a second predetermined level of rules options that provide for administrative authorization and access to the data back-up, as well as blocking and filtering and device locking functions. For example, the second predetermined level of rules may include: remote wipe/erase of the device, remote lock of the device, clearing and resetting the password, preventing certain applications from being installed and/or deleted and locking use of camera and the like.

Other examples include the device software and RSC providing mobile applications to be installed, uninstalled and managed remotely over the network directly to the mobile device. The system and device tracks and controls approved and unapproved applications being installed on the device and ensures users install approved applications. Also the system and device manage, lock, and permit users to access specific web-based applications, mobile applications and SaaS services and internet sites. The device software and RSC further provides for remote control of which devices are permitted or prohibited to connect to an internal network.

The device software and the RSC according to the present invention also provide for a “push” notification prompting the device to check in for tasks, policies and queries.

A complete inventory management of the devices which have the device software installed and are “connected” to the RSC is provided for, including user authentication, certificate enrollment and device configuration.

In any case, the rules can be selected, generated and input to the system through a web-based user interface accessible by any web-enabled device, including but not limited to the target mobile communication device(s) to which those rules would apply. Additionally, rules may be updated, modified, reviewed, and eliminated by authorized users through the same type of user interface via the web, regardless of device access. As will be understood and appreciated, user authentication and authorization may be provided in a number of ways, including, by way of example and not limitation, a user identification (userID) and corresponding password, passcode, or personal identification number (PIN). Additional authorized users can be added or removed through this system only if an authorized user accesses the system securely with the userID and corresponding passcode. Biometric authentication and other forms of user identification and authentication may be provided in substitute or supplement as appropriate. Preferably, the rules are administered via software operable from the RSC side, thereby providing a smaller software footprint operable on the device, i.e., providing a client side application as a small utility installed or downloaded on the mobile communication device upon registration with the system; in this manner, the application can always be operable or “on” to manage implementation of the rules on the device(s) without interfering with regular operation or draining power or memory in a significant manner. The client side application is operable to poll the RSC on regular and predetermined intervals for checking for new rules data, uploading logs from the device to the RSC, and functioning to conform to any other rules associated directly with that device. A single authorized user can add multiple devices in the system and thus control more than one device from within the same interface. This way, in corporate environments, a single administrator can control all devices of the organization and similarly the parents can control devices for all children. Unlike prior art logging functions for remote communication devices, the present invention logging extends beyond SMS messaging, MMS messaging, IM messaging, social media applications such as Facebook, LinkedIn, Twitter and the like, call activity logging, i.e., identifying what calls and SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases originate on the device or that were received or calls missed to that device. The present invention provides for logging of SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, and telephone calls and recordings left on the carrier network, including inbound or outgoing, and preferably includes additional data associated therewith (the call timers, name data from contacts and so on), including rules implementation such as call time limitation to predetermined numbers or recipients. Also, logging includes information relating to browsing history, including website information and Uniform Resource Locator (URL), duration and frequency of website visit, downloading history, and other similar activities. Also, text messaging email messaging, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, purchases, photos, videos, and 3^(rd) party application data and social media applications such as Facebook, LinkedIn, Twitter and the like are included in the logging functions of the present invention. Importantly, with the automated rules implementation including back-up of data and logging information, the present invention provides for the elimination of stored data on the mobile communications device since the device can actively connect with the RSC for uploading data rather than storing data on the device directly. The data is stored on device on temporary basis if the wireless connection is not available and is uploaded to RSC when connection is restored. When uploading the system maintains a parity check for upload activity and unless the data is uploaded successfully, the transactions are not considered as complete. Rules governing data retained on the device in the case of limited wireless connectivity but need for access to certain predetermined information are preferably provided.

Additionally, the RSC controls device security by providing for blocking and filtering of calls, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, purchases, Instant Messages, Social Media messages, 3^(rd) party applications, banking transactions and URLs based upon the rules. Either predetermined or all numbers or initiators can be blocked from sending communication, data, messages, or calls to the device(s). Also, keywords, key phrases and number sequences can be used as the basis for blocking and/or filtering as well. Selective or all URL blocking or filtering of websites based upon URL, owner, content, etc. is also provided, based upon the rules.

In preferred embodiments, the RSC and software associated with the server side module of the present invention provide for scalability without limitation to number of devices and geographic locations, networks, etc. Advantageously, the present invention is agnostic as to device software and hardware. By way of example and not limitation, at least two mobile devices selected from multiple mobile devices utilize different mobile operating systems. Preferably, any number of mobile devices having different mobile operating systems are operable to work with the systems and methods of the present invention. The present invention provides embodiments for providing for device software supporting Windows Mobile, Google Android, Symbian, RIM Blackberry and Apple iOS devices that are commercially available globally; however, platforms, devices, and operating systems of mobile communications devices can be addressed through software modifications for compatibility and improvements, as well as new devices. The RSC software is designed in consideration to add more platforms and no changes are required on server side software when adding new mobile platforms.

The present invention also further provides for mobile communication device having automated security and control of device functionality including: a mobile device with a software program module operable thereon, wherein the module administers rules that govern device functionality, including filtering and blocking communication to and/or from the device, logging device activity, storing data associated with device activity, including activity frequency, duration and content, and combinations thereof; as well as other functionality set forth hereinabove relating to those aspects of the system applicable at the device level.

Additionally, the system can filter and block such information as passwords or identification numbers such as social security numbers from leaving the device and alert the administrator to these. The system may also similarly filter, block and alert for PING probes. A policy of flagging words, phrases or number sequences can be used to enhance the security of the device.

Certain modifications and improvements will occur to those skilled in the art upon a reading of the foregoing description. By way of example, the blocking and filtering steps may extend beyond phone calls, SMS messages, MMS messages, RCS messages, Smart Messaging messages, Advanced Messaging messages, banking transactions, purchases, IM messages Social Media messages, emails, and websites to further include blocks and filtering of advertising, location information, transactions including commercial transactions, money transactions and solicitations of any form to the mobile communication device, based upon the rules selected and/or predetermined by the authorized user of the device. Similar options for backup and restore of contacts, calendar and other vital data are also available. The above-mentioned examples are provided to serve the purpose of clarifying the aspects of the invention and it will be apparent to one skilled in the art that they do not serve to limit the scope of the invention. All modifications and improvements have been deleted herein for the sake of conciseness and readability but are properly within the scope of the present invention. 

The invention claimed is:
 1. A system for providing improved data management for at least one mobile device comprising: at least one mobile device; and a remote server computer (RSC) operably connected to the at least one mobile device, wherein the at least one mobile device is operable to receive data over a network; wherein the at least one mobile device is operable to upload the data to the RSC; wherein the at least one mobile device does not store the data permanently on the at least one mobile device; wherein the at least one mobile device is operable to store the data on the at least one mobile device temporarily if the connection between the RSC and the at least one mobile device is temporarily unavailable; wherein the RSC is operable to block and/or filter Short Message Service (SMS) messages, Multimedia Messaging Service (MMS) messages, and Rich Communication Services (RCS) messages from the at least one mobile device; wherein the RSC is operable to capture, log, archive, and make searchable via tagging non-blocked SMS messages, non-blocked MMS messages, and non-blocked RCS messages; wherein the at least one mobile device is operable to receive data not originated from the at least one mobile device from the RSC over a network, wherein the at least one mobile device does not store the data not originated from the at least one mobile device on the at least one mobile device and wherein the data not originated from the at least one mobile device includes received SMS messages, received MMS messages, and received RCS messages; wherein the at least one mobile device is operable to upload data originated from the at least one mobile device to the RSC; wherein the at least one mobile device does not store the data originated from the at least one mobile device permanently on the at least one mobile device; wherein the at least one mobile device is operable to store the data originated from the at least one mobile device on the at least one mobile device temporarily if the connection between the RSC and the at least one mobile device is temporarily unavailable; wherein the at least one mobile device is operable to upload the data originated from the at least one mobile device to the RSC upon a restoration of the connection between the RSC and the at least one mobile device; and wherein the at least one mobile device is further operable to delete the temporarily stored data from the at least one mobile device upon completion of the upload of the data originated from the at least one mobile device.
 2. The system of claim 1, wherein the data includes an activity log, activity data, a duration, a frequency, and/or a content.
 3. The system of claim 1, wherein the data is searchable on the RSC.
 4. The system of claim 1, wherein the data includes voice conversations and voicemail left on a carrier network.
 5. The system of claim 1, wherein the RSC is operable to forward the data to a third-party vendor.
 6. A method for providing improved data management for at least one mobile device comprising the steps of: providing a web interface to access a remote server computer (RSC) including a software module over a network; receiving rules through the web interface; storing the rules on the RSC; the software module implementing the rules; wherein the rules include eliminating stored data on the at least one mobile device by storing data on the RSC, wherein the at least one mobile device is operable to actively connect with the RSC for retrieving the data; wherein the at least one mobile device does not store data originated from the at least one mobile device permanently on the at least one mobile device; wherein the at least one mobile device is operable to store data originated from the at least one mobile device on the at least one mobile device temporarily if a connection between the RSC and the at least one mobile device is temporarily unavailable; wherein the at least one mobile device is operable to upload the data originated from the at least one mobile device to the RSC upon a restoration of the connection between the RSC and the at least one mobile device; and wherein the at least one mobile device is further operable to delete the temporarily stored data from the at least one mobile device upon completion of the upload of the data originated from the at least one mobile device; wherein the temporarily stored data includes short message service (SMS) messages, photos, videos, Multimedia Messaging Service (MMS) messages, Rich Communication Service (RCS) messages, instant messages, social media messages, location data, and emails originated on the at least one mobile device.
 7. The method of claim 6, wherein the rules relate to logging data and activities related to the at least one mobile device.
 8. The method of claim 6, wherein the rules activate and control predetermined functionality of the at least one mobile device, wherein the predetermined functionality includes remote wipe/erase of the at least one mobile device, remote lock of the at least one mobile device, remote clearing and resetting password of the mobile device, preventing predetermined applications from being installed on the at least one mobile device and/or deleted from the at least one mobile device, and remotely locking use of a camera on the at least one mobile device. 